Signing service changes?

Hi, were there recent changes to signing service so that it now produces SHA384withSHA384withRSA instead of SHA384withRSA before

see https://github.com/eclipse/xtext/issues/2105

Perhaps the default changed from SHA_256 to SHA_384 due to some upgrades?

https://www.eclipse.org/cbi/sitedocs/eclipse-jarsigner-plugin/sign-mojo.html#digestAlgorithm

the old value seems to have been SHA384withRSA, the new one is SHA384withSHA384withRSA i assume old tycho versions (suitable for java 8) cannot handle this one

in Xtext we use the signing service directly and not the wrapper plugin

While fixing #2011 (closed), jar signing service has been redeployed with jdk 17 base image rather than jdk 11 as before. That's probably the root cause of the issue. I'll re-deploy the service with jdk 11.

I've deployed the jar signing service with jdk 11 base image. Signature is now back to SHA384withRSA.

Thank you for your report/

closed

added priorityhigh severitymajor team:security labels

thx. it is working again

marked this issue as related to #2604 (closed)

mentioned in issue #2604 (closed)

mentioned in issue #2612 (closed)